GO-2026-4733 Mattermost fails to bound memory allocation when processing DOC files in github.com/mattermost/mattermost-server

Mattermost fails to bound memory allocation when processing DOC files in github.com/mattermost/mattermost-server. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports...

Mattermost fails to bound memory allocation when processing DOC files

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to bound memory allocation when processing DOC files which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted DOC file.. Mattermost Advisory ID:...

EUVD-2026-12430

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to bound memory allocation when processing DOC files which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted DOC file.. Mattermost Advisory ID:...

GHSA-XV2P-WCHJ-QJHP Mattermost fails to bound memory allocation when processing DOC files

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to bound memory allocation when processing DOC files which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted DOC file.. Mattermost Advisory ID:...

CVE-2026-25780

Mattermost versions 11.3.x = 11.3.0, 11.2.x = 11.2.2, 10.11.x = 10.11.10 fail to bound memory allocation when processing DOC files which allows an authenticated attacker to cause server memory exhaustion and denial of service via uploading a specially crafted DOC file.. Mattermost Advisory ID:...

PT-2025-50779

Name of the Vulnerable Software and Affected Versions PDFsam Enhanced affected versions not specified Description A flaw exists in PDFsam Enhanced related to the processing of DOC files. The issue stems from allowing the execution of potentially harmful scripts without providing a warning to the...

EUVD-2016-9230

Malware in sbrugna...

EUVD-2013-2146

Malware in sbrugna...

CVE-2023-27365

Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must...

CVE-2023-27365

CVE-2023-27365 affects Foxit PDF Editor (and related Foxit PhantomPDF components) via a flaw in DOC file parsing where macro-enabled documents are not properly restricted. An attacker can trigger arbitrary code execution by convincing a user to open a malicious DOC/file or visit a malicious page,...

(0Day) Hancom Office Word DOC File Parsing Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hancom Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

Foxit PhantomPDF < 10.1.12 Multiple Vulnerabilities

According to its version, the Foxit PhantomPDF application formally known as Phantom installed on the remote Windows host is prior to 10.1.12. It is, therefore affected by multiple vulnerabilities: - Addressed a potential issue where the application could be exposed to Remote Code Execution...

Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DO...

SUSE CVE-2015-5213

Integer overflow in LibreOffice before 4.4.5 and Apache OpenOffice before 4.1.2 allows remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via a long DOC file, which triggers a buffer overflow...

Malicious code in toh-doc-files (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e19436233a047eab780063a658fde54dd5df420b84f4e095b0af5b16f6d7e328 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2023-891 Malicious code in toh-doc-files (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware e19436233a047eab780063a658fde54dd5df420b84f4e095b0af5b16f6d7e328 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Microsoft Office Word Converter Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DO...

Microsoft Office Word Converter Type Confusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DO...

Microsoft Word HTML Rendering Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of D...

Buffer Overflow

LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and...